package dn0;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import com.bumptech.glide.manager.h;
import com.emvco3ds.sdk.spec.SDKNotInitializedException;
import com.emvco3ds.sdk.spec.SDKRuntimeException;
import com.google.firebase.messaging.n;
import com.google.gson.Gson;
import dn0.a;
import ec.m;
import ec.o;
import fj.p;
import fj.q;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
import javax.crypto.KeyGenerator;
import jj.a;
import kotlin.NoWhenBranchMatchedException;
import kotlin.Unit;
import kotlin.jvm.internal.Intrinsics;
import ns.u;
import okhttp3.OkHttpClient;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.jetbrains.annotations.NotNull;
import ru.rtln.tds.sdk.crypto.CertificatesProvider;
import ru.rtln.tds.sdk.crypto.TransactionCertificates;
import ru.rtln.tds.sdk.service.ThreeDS2Service;
import s6.a;
import s6.b;

/* compiled from: ThreeDSWrapper.kt */
/* loaded from: classes3.dex */
public final class c implements m, CertificatesProvider {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    public final List<f> f23658a;

    /* renamed from: b, reason: collision with root package name */
    @NotNull
    public final OkHttpClient f23659b;

    /* renamed from: c, reason: collision with root package name */
    public Context f23660c;

    /* renamed from: d, reason: collision with root package name */
    public dn0.a f23661d;

    /* renamed from: e, reason: collision with root package name */
    public ThreeDS2Service f23662e;

    /* renamed from: f, reason: collision with root package name */
    public s6.b f23663f;

    /* renamed from: g, reason: collision with root package name */
    @NotNull
    public final Gson f23664g;

    /* compiled from: ThreeDSWrapper.kt */
    /* loaded from: classes3.dex */
    public enum a {
        DS,
        CA
    }

    /* compiled from: ThreeDSWrapper.kt */
    /* loaded from: classes3.dex */
    public static final class b {
        public static final s6.a a(File file, Context context) {
            fj.g a11;
            s6.c b11 = b(context);
            a.c cVar = a.c.f56650b;
            Context applicationContext = context.getApplicationContext();
            int i11 = nj.d.f41990a;
            p.e(new nj.a(), true);
            p.e(new nj.b(), true);
            p.f(new nj.f());
            a.C0478a c0478a = new a.C0478a();
            c0478a.f33438e = cVar.f56652a;
            c0478a.e(applicationContext, "__androidx_security_crypto_encrypted_file_keyset__", "__androidx_security_crypto_encrypted_file_pref__");
            c0478a.d("android-keystore://" + b11.f56668a);
            jj.a a12 = c0478a.a();
            synchronized (a12) {
                a11 = a12.f33433b.a();
            }
            s6.a aVar = new s6.a(file, (q) a11.a(q.class));
            Intrinsics.checkNotNullExpressionValue(aVar, "Builder(\n            con…256_GCM_HKDF_4KB).build()");
            return aVar;
        }

        public static s6.c b(Context context) {
            context.getApplicationContext();
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("_androidx_security_master_key_", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build();
            if (build == null) {
                throw new NullPointerException("KeyGenParameterSpec was null after build() check");
            }
            int i11 = s6.d.f56669a;
            if (build.getKeySize() != 256) {
                throw new IllegalArgumentException("invalid key size, want 256 bits got " + build.getKeySize() + " bits");
            }
            if (!Arrays.equals(build.getBlockModes(), new String[]{"GCM"})) {
                throw new IllegalArgumentException("invalid block mode, want GCM got " + Arrays.toString(build.getBlockModes()));
            }
            if (build.getPurposes() != 3) {
                throw new IllegalArgumentException("invalid purposes mode, want PURPOSE_ENCRYPT | PURPOSE_DECRYPT got " + build.getPurposes());
            }
            if (!Arrays.equals(build.getEncryptionPaddings(), new String[]{"NoPadding"})) {
                throw new IllegalArgumentException("invalid padding mode, want NoPadding got " + Arrays.toString(build.getEncryptionPaddings()));
            }
            if (build.isUserAuthenticationRequired() && build.getUserAuthenticationValidityDurationSeconds() < 1) {
                throw new IllegalArgumentException("per-operation authentication is not supported (UserAuthenticationValidityDurationSeconds must be >0)");
            }
            String keystoreAlias = build.getKeystoreAlias();
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(keystoreAlias)) {
                try {
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                    keyGenerator.init(build);
                    keyGenerator.generateKey();
                } catch (ProviderException e11) {
                    throw new GeneralSecurityException(e11.getMessage(), e11);
                }
            }
            s6.c cVar = new s6.c(build.getKeystoreAlias(), build);
            Intrinsics.checkNotNullExpressionValue(cVar, "Builder(context)\n       …cheme.AES256_GCM).build()");
            return cVar;
        }
    }

    /* compiled from: ThreeDSWrapper.kt */
    /* renamed from: dn0.c$c, reason: collision with other inner class name */
    /* loaded from: classes3.dex */
    public static final class C0282c {

        /* renamed from: a, reason: collision with root package name */
        @NotNull
        public final String f23668a;

        /* renamed from: b, reason: collision with root package name */
        public a f23669b;

        /* renamed from: c, reason: collision with root package name */
        public a f23670c;

        /* compiled from: ThreeDSWrapper.kt */
        /* renamed from: dn0.c$c$a */
        /* loaded from: classes3.dex */
        public static final class a {

            /* renamed from: a, reason: collision with root package name */
            @NotNull
            public final String f23671a;

            public a(@NotNull String certHash) {
                Intrinsics.checkNotNullParameter(certHash, "certHash");
                this.f23671a = certHash;
            }
        }

        public C0282c(String dsId) {
            Intrinsics.checkNotNullParameter(dsId, "dsId");
            this.f23668a = dsId;
            this.f23669b = null;
            this.f23670c = null;
        }
    }

    /* compiled from: ThreeDSWrapper.kt */
    /* loaded from: classes3.dex */
    public static final class d {

        /* renamed from: a, reason: collision with root package name */
        @hm.b("dsCertUrl")
        private String f23672a;

        /* renamed from: b, reason: collision with root package name */
        @hm.b("dsCertFileName")
        private String f23673b;

        /* renamed from: c, reason: collision with root package name */
        @hm.b("dsCertReplacedHash")
        private String f23674c;

        /* renamed from: d, reason: collision with root package name */
        @hm.b("caCertUrl")
        private String f23675d;

        /* renamed from: e, reason: collision with root package name */
        @hm.b("caCertFileName")
        private String f23676e;

        /* renamed from: f, reason: collision with root package name */
        @hm.b("caCertReplacedHash")
        private String f23677f;

        public d() {
            this(0);
        }

        public d(int i11) {
            this.f23672a = null;
            this.f23673b = null;
            this.f23674c = null;
            this.f23675d = null;
            this.f23676e = null;
            this.f23677f = null;
        }

        public final String a() {
            return this.f23676e;
        }

        public final String b() {
            return this.f23677f;
        }

        public final String c() {
            return this.f23673b;
        }

        public final String d() {
            return this.f23674c;
        }

        public final void e(String str) {
            this.f23676e = str;
        }

        public final void f(String str) {
            this.f23677f = str;
        }

        public final void g(String str) {
            this.f23675d = str;
        }

        public final void h(String str) {
            this.f23673b = str;
        }

        public final void i(String str) {
            this.f23674c = str;
        }

        public final void j(String str) {
            this.f23672a = str;
        }
    }

    /* compiled from: ThreeDSWrapper.kt */
    /* loaded from: classes3.dex */
    public static final class e {

        /* renamed from: a, reason: collision with root package name */
        @NotNull
        public final String f23678a;

        /* renamed from: b, reason: collision with root package name */
        @NotNull
        public final a f23679b;

        /* renamed from: c, reason: collision with root package name */
        @NotNull
        public final String f23680c;

        public e(@NotNull String dsId, @NotNull a certType, @NotNull String certUrl) {
            Intrinsics.checkNotNullParameter(dsId, "dsId");
            Intrinsics.checkNotNullParameter(certType, "certType");
            Intrinsics.checkNotNullParameter(certUrl, "certUrl");
            this.f23678a = dsId;
            this.f23679b = certType;
            this.f23680c = certUrl;
        }
    }

    /* compiled from: ThreeDSWrapper.kt */
    /* loaded from: classes3.dex */
    public static final class f {

        /* renamed from: d, reason: collision with root package name */
        @NotNull
        public static final List<f> f23681d = u.g(new f("A000000003", null, null), new f("A000000004", null, null), new f("A000000658", "MIR_DS.cer", "MIR_CA.cer"), new f("A000000333", null, null));

        /* renamed from: e, reason: collision with root package name */
        @NotNull
        public static final List<f> f23682e = u.g(new f("A000000003", null, null), new f("A000000004", null, null), new f("A000000658", "MIR_DS_Test.cer", "MIR_CA_Test.cer"), new f("A000000333", "UP_DS_Test.cer", "UP_CA_Test.cer"), new f("mock", "MIR_DS_Test.cer", "MIR_CA_Test.cer"));

        /* renamed from: a, reason: collision with root package name */
        @NotNull
        public final String f23683a;

        /* renamed from: b, reason: collision with root package name */
        public final String f23684b;

        /* renamed from: c, reason: collision with root package name */
        public final String f23685c;

        public f(@NotNull String dsId, String str, String str2) {
            Intrinsics.checkNotNullParameter(dsId, "dsId");
            this.f23683a = dsId;
            this.f23684b = str;
            this.f23685c = str2;
        }
    }

    /* compiled from: ThreeDSWrapper.kt */
    /* loaded from: classes3.dex */
    public /* synthetic */ class g {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[a.values().length];
            iArr[a.DS.ordinal()] = 1;
            iArr[a.CA.ordinal()] = 2;
            $EnumSwitchMapping$0 = iArr;
        }
    }

    static {
        new b();
    }

    public c() {
        this(null, 3);
    }

    public c(List embeddedCertsInfo, int i11) {
        embeddedCertsInfo = (i11 & 1) != 0 ? f.f23682e : embeddedCertsInfo;
        OkHttpClient okHttpClient = (i11 & 2) != 0 ? new OkHttpClient(new OkHttpClient.a()) : null;
        Intrinsics.checkNotNullParameter(embeddedCertsInfo, "embeddedCertsInfo");
        Intrinsics.checkNotNullParameter(okHttpClient, "okHttpClient");
        this.f23658a = embeddedCertsInfo;
        this.f23659b = okHttpClient;
        this.f23664g = new Gson();
    }

    public static String g(X509Certificate x509Certificate) {
        SHA256Digest sHA256Digest = new SHA256Digest();
        sHA256Digest.e(0, x509Certificate.getEncoded().length, x509Certificate.getEncoded());
        byte[] bArr = new byte[32];
        sHA256Digest.c(0, bArr);
        String upperCase = ns.q.z(bArr, ":", dn0.d.f23686b).toUpperCase(Locale.ROOT);
        Intrinsics.checkNotNullExpressionValue(upperCase, "this as java.lang.String).toUpperCase(Locale.ROOT)");
        return upperCase;
    }

    public final File a(String str) {
        Context context = this.f23660c;
        if (context == null) {
            throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
        }
        File file = new File(context.getFilesDir().getAbsolutePath(), "threeds_wrapper_certs");
        file.mkdir();
        File file2 = new File(file, str);
        if (file2.exists()) {
            return file2;
        }
        return null;
    }

    public final X509Certificate b(@NotNull String dsId) {
        Object obj;
        Intrinsics.checkNotNullParameter(dsId, "dsId");
        dn0.a aVar = this.f23661d;
        if (aVar == null) {
            throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
        }
        Intrinsics.checkNotNullParameter(dsId, "dsId");
        Iterator it = aVar.f23654a.iterator();
        while (true) {
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            obj = it.next();
            if (Intrinsics.b(((a.C0281a) obj).f23655a, dsId)) {
                break;
            }
        }
        a.C0281a c0281a = (a.C0281a) obj;
        if (c0281a != null) {
            return c0281a.f23657c;
        }
        return null;
    }

    public final X509Certificate c(@NotNull String dsId) {
        Object obj;
        Intrinsics.checkNotNullParameter(dsId, "dsId");
        dn0.a aVar = this.f23661d;
        if (aVar == null) {
            throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
        }
        Intrinsics.checkNotNullParameter(dsId, "dsId");
        Iterator it = aVar.f23654a.iterator();
        while (true) {
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            obj = it.next();
            if (Intrinsics.b(((a.C0281a) obj).f23655a, dsId)) {
                break;
            }
        }
        a.C0281a c0281a = (a.C0281a) obj;
        if (c0281a != null) {
            return c0281a.f23656b;
        }
        return null;
    }

    @Override // ec.m
    public final void cleanup(@NotNull Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        ThreeDS2Service threeDS2Service = this.f23662e;
        if (threeDS2Service == null) {
            throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
        }
        threeDS2Service.cleanup(context);
        this.f23662e = null;
        this.f23660c = null;
        this.f23661d = null;
    }

    @Override // ec.m
    @NotNull
    public final o createTransaction(@NotNull String directoryServerId, @NotNull String messageVersion) {
        Intrinsics.checkNotNullParameter(directoryServerId, "directoryServerId");
        Intrinsics.checkNotNullParameter(messageVersion, "messageVersion");
        ThreeDS2Service threeDS2Service = this.f23662e;
        if (threeDS2Service == null) {
            throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
        }
        o createTransaction = threeDS2Service.createTransaction(directoryServerId, messageVersion);
        Intrinsics.checkNotNullExpressionValue(createTransaction, "requireThreeDS2Service()…ServerId, messageVersion)");
        return createTransaction;
    }

    public final X509Certificate d(String str, a aVar) {
        String c11;
        File a11;
        d dVar = (d) this.f23664g.d(d.class, ((s6.b) f()).getString(str, null));
        int i11 = g.$EnumSwitchMapping$0[aVar.ordinal()];
        if (i11 == 1) {
            if (dVar != null) {
                c11 = dVar.c();
            }
            c11 = null;
        } else {
            if (i11 != 2) {
                throw new NoWhenBranchMatchedException();
            }
            if (dVar != null) {
                c11 = dVar.a();
            }
            c11 = null;
        }
        if (c11 == null || (a11 = a(c11)) == null) {
            return null;
        }
        return e(a11);
    }

    public final X509Certificate e(File file) {
        Context context = this.f23660c;
        if (context == null) {
            throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
        }
        try {
            InputStream a11 = b.a(file, context).a();
            Intrinsics.checkNotNullExpressionValue(a11, "openFileInput()");
            BufferedInputStream bufferedInputStream = a11 instanceof BufferedInputStream ? (BufferedInputStream) a11 : new BufferedInputStream(a11, 8192);
            try {
                Intrinsics.checkNotNullParameter(bufferedInputStream, "<this>");
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(Math.max(8192, bufferedInputStream.available()));
                xs.a.a(bufferedInputStream, byteArrayOutputStream, 8192);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                Intrinsics.checkNotNullExpressionValue(byteArray, "toByteArray(...)");
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
                if (generateCertificate == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                }
                X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                h.c(bufferedInputStream, null);
                return x509Certificate;
            } finally {
            }
        } catch (CertificateException unused) {
            return null;
        }
    }

    public final SharedPreferences f() {
        s6.b bVar = this.f23663f;
        if (bVar != null) {
            return bVar;
        }
        throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
    }

    @Override // ru.rtln.tds.sdk.crypto.CertificatesProvider
    public final TransactionCertificates getCerts(String str) {
        if (str == null) {
            return null;
        }
        X509Certificate d3 = d(str, a.DS);
        if (d3 == null) {
            d3 = c(str);
        }
        if (d3 == null) {
            throw new SDKRuntimeException(n.a("Ds certificate for ", str, " can't be found"));
        }
        X509Certificate d11 = d(str, a.CA);
        if (d11 == null) {
            d11 = b(str);
        }
        if (d11 != null) {
            return new TransactionCertificates(d3, d11);
        }
        throw new SDKRuntimeException(n.a("Ca certificate for ", str, " can't be found"));
    }

    public final synchronized void h(Certificate certificate, String str, a aVar, String str2) {
        String c11;
        File file;
        s6.b bVar = (s6.b) f();
        d dVar = (d) this.f23664g.d(d.class, bVar.getString(str, null));
        if (dVar == null) {
            dVar = new d(0);
        }
        int[] iArr = g.$EnumSwitchMapping$0;
        int i11 = iArr[aVar.ordinal()];
        if (i11 == 1) {
            c11 = dVar.c();
        } else {
            if (i11 != 2) {
                throw new NoWhenBranchMatchedException();
            }
            c11 = dVar.a();
        }
        if (c11 == null || (file = a(c11)) == null) {
            Context context = this.f23660c;
            if (context == null) {
                throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
            }
            File file2 = new File(context.getFilesDir().getAbsolutePath(), "threeds_wrapper_certs");
            file2.mkdir();
            file = new File(file2, UUID.randomUUID().toString());
        }
        file.delete();
        Context context2 = this.f23660c;
        if (context2 == null) {
            throw new SDKNotInitializedException("ThreeDSWrapper is not initialized");
        }
        OutputStream b11 = b.a(file, context2).b();
        Intrinsics.checkNotNullExpressionValue(b11, "certFile.getCertEncrypte…ntext()).openFileOutput()");
        BufferedOutputStream bufferedOutputStream = b11 instanceof BufferedOutputStream ? (BufferedOutputStream) b11 : new BufferedOutputStream(b11, 8192);
        try {
            bufferedOutputStream.write(certificate.getEncoded());
            Unit unit = Unit.f35395a;
            h.c(bufferedOutputStream, null);
            int i12 = iArr[aVar.ordinal()];
            if (i12 == 1) {
                dVar.h(file.getName());
                dVar.j(str2);
                X509Certificate c12 = c(str);
                dVar.i(c12 != null ? g(c12) : null);
            } else if (i12 == 2) {
                dVar.e(file.getName());
                dVar.g(str2);
                X509Certificate b12 = b(str);
                dVar.f(b12 != null ? g(b12) : null);
            }
            bVar.edit().putString(str, this.f23664g.j(dVar)).apply();
        } finally {
        }
    }

    @Override // ec.m
    public final void initialize(@NotNull Context context, @NotNull ec.f configParameters, @NotNull String userLocale, ec.p pVar) {
        fj.g a11;
        fj.g a12;
        File a13;
        File a14;
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(configParameters, "configParameters");
        Intrinsics.checkNotNullParameter(userLocale, "userLocale");
        this.f23660c = context.getApplicationContext();
        this.f23661d = new dn0.a(context, this.f23658a);
        s6.c b11 = b.b(context);
        b.EnumC0863b enumC0863b = b.EnumC0863b.f56662b;
        b.c cVar = b.c.f56665b;
        String str = b11.f56668a;
        int i11 = ij.b.f31997a;
        p.e(new ij.a(), true);
        p.f(new ij.c());
        gj.a.a();
        Context applicationContext = context.getApplicationContext();
        a.C0478a c0478a = new a.C0478a();
        c0478a.f33438e = enumC0863b.f56664a;
        c0478a.e(applicationContext, "__androidx_security_crypto_encrypted_prefs_key_keyset__", "threeds_wrapper_certs_prefs");
        c0478a.d("android-keystore://" + str);
        jj.a a15 = c0478a.a();
        synchronized (a15) {
            a11 = a15.f33433b.a();
        }
        a.C0478a c0478a2 = new a.C0478a();
        c0478a2.f33438e = cVar.f56667a;
        c0478a2.e(applicationContext, "__androidx_security_crypto_encrypted_prefs_value_keyset__", "threeds_wrapper_certs_prefs");
        c0478a2.d("android-keystore://" + str);
        jj.a a16 = c0478a2.a();
        synchronized (a16) {
            a12 = a16.f33433b.a();
        }
        s6.b bVar = new s6.b(applicationContext.getSharedPreferences("threeds_wrapper_certs_prefs", 0), (fj.a) a12.a(fj.a.class), (fj.c) a11.a(fj.c.class));
        Intrinsics.checkNotNullExpressionValue(bVar, "create(\n            cont…ryptionScheme.AES256_GCM)");
        this.f23663f = bVar;
        s6.b bVar2 = (s6.b) f();
        Map<String, ?> all = bVar2.getAll();
        Intrinsics.checkNotNullExpressionValue(all, "all");
        for (Map.Entry<String, ?> entry : all.entrySet()) {
            String dsId = entry.getKey();
            String str2 = (String) entry.getValue();
            if (str2 != null) {
                Gson gson = this.f23664g;
                d dVar = (d) gson.d(d.class, str2);
                Intrinsics.checkNotNullExpressionValue(dsId, "dsId");
                X509Certificate c11 = c(dsId);
                if (!Intrinsics.b(dVar.d(), c11 != null ? g(c11) : null)) {
                    String c12 = dVar.c();
                    if (c12 != null && (a14 = a(c12)) != null) {
                        a14.delete();
                    }
                    dVar.j(null);
                    dVar.h(null);
                    dVar.i(null);
                }
                X509Certificate b12 = b(dsId);
                if (!Intrinsics.b(dVar.b(), b12 != null ? g(b12) : null)) {
                    String a17 = dVar.a();
                    if (a17 != null && (a13 = a(a17)) != null) {
                        a13.delete();
                    }
                    dVar.g(null);
                    dVar.e(null);
                    dVar.f(null);
                }
                bVar2.edit().putString(dsId, gson.j(dVar)).apply();
            }
        }
        ThreeDS2Service threeDS2Service = new ThreeDS2Service();
        threeDS2Service.setCertificatesProvider(this);
        this.f23662e = threeDS2Service;
        threeDS2Service.initialize(context, configParameters, userLocale, pVar);
    }
}
